From 3b6ee703f5ecf680063a3ad203e8fcdc29785be1 Mon Sep 17 00:00:00 2001
From: Malte Poll
Date: Thu, 13 Oct 2022 12:34:32 +0200
Subject: [PATCH] Move PCR indices for owner ID and cluster ID
---
 cli/internal/cloudcmd/validators_test.go | 17 ++++++++++++++++-
 cli/internal/cmd/init_test.go | 4 ++++
 internal/attestation/vtpm/initialize.go | 9 +++++----
 internal/config/config.go | 4 ++--
 internal/config/measurements.go | 19 +++++++++++++------
 5 files changed, 40 insertions(+), 13 deletions(-)
diff --git a/cli/internal/cloudcmd/validators_test.go b/cli/internal/cloudcmd/validators_test.go
index 644c99c87..57a4e6822 100644
--- a/cli/internal/cloudcmd/validators_test.go
+++ b/cli/internal/cloudcmd/validators_test.go
@@ -208,6 +208,17 @@ func TestValidatorUpdateInitPCRs(t *testing.T) {
 10: zero,
 11: zero,
 12: zero,
+ 13: zero,
+ 14: zero,
+ 15: zero,
+ 16: zero,
+ 17: one,
+ 18: one,
+ 19: one,
+ 20: one,
+ 21: one,
+ 22: one,
+ 23: zero,
 }
 }
@@ -298,7 +309,11 @@ func TestValidatorUpdateInitPCRs(t *testing.T) {
 assert.Equal(pcrZeroUpdatedOne[:], pcr)
 default:
- assert.Equal(zero, validators.pcrs[uint32(i)])
+ if i >= 17 && i <= 22 {
+ assert.Equal(one, validators.pcrs[uint32(i)])
+ } else {
+ assert.Equal(zero, validators.pcrs[uint32(i)])
+ }
 }
 }
 })
diff --git a/cli/internal/cmd/init_test.go b/cli/internal/cmd/init_test.go
index 9341ff79b..37a02cb32 100644
--- a/cli/internal/cmd/init_test.go
+++ b/cli/internal/cmd/init_test.go
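Review bot: In cli/internal/cloudcmd/validators_test.go the range 17 to 22 is spelled out twice as bare numbers, once in the expected-PCR map of the first hunk and again as `if i >= 17 && i <= 22` in the `default:` branch of the second, and nothing explains why those registers are expected to hold `one` rather than `zero`. The two places can drift apart without the test noticing, so I would name the bounds once or at least add a comment above the branch, for example `// PCRs 17-22 are expected to start at "one"; every other untouched PCR starts at "zero" (keep in sync with the map above)`. The definitions of `one` and `zero` and the rest of the switch lie outside both hunks, so the reason for the non-zero start value should be confirmed by the author before it is written down.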
@@ -394,6 +394,9 @@ func TestAttestation(t *testing.T) {
 cfg.Provider.QEMU.Measurements[1] = []byte("11111111111111111111111111111111")
 cfg.Provider.QEMU.Measurements[2] = []byte("22222222222222222222222222222222")
 cfg.Provider.QEMU.Measurements[3] = []byte("33333333333333333333333333333333")
+ cfg.Provider.QEMU.Measurements[4] = []byte("44444444444444444444444444444444")
+ cfg.Provider.QEMU.Measurements[8] = []byte("88888888888888888888888888888888")
+ cfg.Provider.QEMU.Measurements[9] = []byte("99999999999999999999999999999999")
 require.NoError(fileHandler.WriteYAML(constants.ConfigFilename, cfg, file.OptNone))
 ctx := context.Background()
@@ -484,6 +487,7 @@ func defaultConfigWithExpectedMeasurements(t *testing.T, conf *config.Config, cs
 conf.Provider.GCP.Measurements[9] = []byte("11111111111111111111111111111111")
 case cloudprovider.QEMU:
 conf.Provider.QEMU.Image = "some/image/location"
+ conf.Provider.QEMU.Measurements[4] = []byte("44444444444444444444444444444444")
 conf.Provider.QEMU.Measurements[8] = []byte("00000000000000000000000000000000")
 conf.Provider.QEMU.Measurements[9] = []byte("11111111111111111111111111111111")
 }
diff --git a/internal/attestation/vtpm/initialize.go b/internal/attestation/vtpm/initialize.go
index 03dbeab83..171f73685 100644
--- a/internal/attestation/vtpm/initialize.go
+++ b/internal/attestation/vtpm/initialize.go
@@ -14,12 +14,13 @@ import (
 )
 const (
- // PCRIndexOwnerID is a PCR we extend to mark the node as initialized.
- // The value used to extend is derived from Constellation's master key.
- PCRIndexOwnerID = tpmutil.Handle(11)
 // PCRIndexClusterID is a PCR we extend to mark the node as initialized.
 // The value used to extend is a random generated 32 Byte value.
- PCRIndexClusterID = tpmutil.Handle(12)
+ PCRIndexClusterID = tpmutil.Handle(15)
+ // PCRIndexOwnerID is a PCR we extend to mark the node as initialized.
+ // The value used to extend is derived from Constellation's master key.
+ // TODO: move to stable, non-debug PCR before use.
+ PCRIndexOwnerID = tpmutil.Handle(16)
 )
 // MarkNodeAsBootstrapped marks a node as initialized by extending PCRs.
diff --git a/internal/config/config.go b/internal/config/config.go
index e1719c55c..66bdd9133 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -231,7 +231,7 @@ func Default() *Config {
 InstanceType: "Standard_DC4as_v5",
 StateDiskType: "Premium_LRS",
 Measurements: copyPCRMap(azurePCRs),
- EnforcedMeasurements: []uint32{4, 8, 9, 11, 12},
+ EnforcedMeasurements: []uint32{4, 8, 9, 11, 12, 13, 15},
 IDKeyDigest: "57486a447ec0f1958002a22a06b7673b9fd27d11e1c6527498056054c5fa92d23c50f9de44072760fe2b6fb89740b696",
 EnforceIDKeyDigest: func() *bool { b := true; return &b }(),
 ConfidentialVM: func() *bool { b := true; return &b }(),
@@ -246,7 +246,7 @@ func Default() *Config {
 StateDiskType: "pd-ssd",
 ServiceAccountKeyPath: "",
 Measurements: copyPCRMap(gcpPCRs),
- EnforcedMeasurements: []uint32{0, 4, 8, 9, 11, 12},
+ EnforcedMeasurements: []uint32{0, 4, 8, 9, 11, 12, 13, 15},
 },
 QEMU: &QEMUConfig{
 ImageFormat: "qcow2",
diff --git a/internal/config/measurements.go b/internal/config/measurements.go
index 19d0e8bc1..e23cff239 100644
--- a/internal/config/measurements.go
+++ b/internal/config/measurements.go
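Review bot: In internal/attestation/vtpm/initialize.go, `PCRIndexOwnerID` now points at PCR 16, which the TCG PC Client profile designates as the resettable debug register, so on a TPM that follows that profile a value extended there can be cleared again by software on the node and does not prove which owner ID the node was initialized with. The `TODO` only hints at this; I would say it outright in the doc comment, for example `// PCR 16 is the resettable debug PCR: do not enforce it or base a trust decision on it until it has moved.` The first comment line is also word for word the same for both constants, which hides that after this commit only the cluster ID register appears in the default measurements and enforced lists (16 is absent from config.go and measurements.go). MarkNodeAsBootstrapped lies outside the hunk, so whether it still extends both registers cannot be confirmed from here.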
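Review bot: In internal/config/config.go the cluster ID register is added to both default `EnforcedMeasurements` lists as the bare number 15, while measurements.go in the same package keys its maps with `uint32(vtpm.PCRIndexClusterID)`; the next time the constant moves, as it does in this commit, the enforced list would keep pointing at a register that is no longer extended. Provided config.go can import vtpm the way measurements.go does, prefer `EnforcedMeasurements: []uint32{4, 8, 9, 11, 12, 13, uint32(vtpm.PCRIndexClusterID)},` in the Azure block and the same substitution in the GCP block of the second hunk. A one-line comment stating that 11, 12 and 13 are enforced at their all-zero default and that the owner ID register is deliberately not enforced would help anyone reading a generated config. The QEMU defaults begin on the last lines of the second hunk and are not visible, so they should be checked for the same list.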
@@ -25,22 +25,29 @@ import (
 type Measurements map[uint32][]byte
 var (
+ zero = []byte{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
 // gcpPCRs are the PCR values for a GCP Constellation node that are initially set in a generated config file.
 gcpPCRs = Measurements{
 0: {0x0F, 0x35, 0xC2, 0x14, 0x60, 0x8D, 0x93, 0xC7, 0xA6, 0xE6, 0x8A, 0xE7, 0x35, 0x9B, 0x4A, 0x8B, 0xE5, 0xA0, 0xE9, 0x9E, 0xEA, 0x91, 0x07, 0xEC, 0xE4, 0x27, 0xC4, 0xDE, 0xA4, 0xE4, 0x39, 0xCF},
- uint32(vtpm.PCRIndexOwnerID): {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- uint32(vtpm.PCRIndexClusterID): {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ 11: zero,
+ 12: zero,
+ 13: zero,
+ uint32(vtpm.PCRIndexClusterID): zero,
 }
 // azurePCRs are the PCR values for an Azure Constellation node that are initially set in a generated config file.
 azurePCRs = Measurements{
- uint32(vtpm.PCRIndexOwnerID): {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- uint32(vtpm.PCRIndexClusterID): {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ 11: zero,
+ 12: zero,
+ 13: zero,
+ uint32(vtpm.PCRIndexClusterID): zero,
 }
 qemuPCRs = Measurements{
- uint32(vtpm.PCRIndexOwnerID): {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
- uint32(vtpm.PCRIndexClusterID): {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
+ 11: zero,
+ 12: zero,
+ 13: zero,
+ uint32(vtpm.PCRIndexClusterID): zero,
 }
 )
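Review bot: In internal/config/measurements.go every zero entry of gcpPCRs, azurePCRs and qemuPCRs now holds the same package-level slice `zero`, so they all share one backing array, whereas the removed lines gave each entry its own literal; an in-place write to any one expected measurement would silently change all the others. These maps are the reference values attestation is checked against, so I would give each entry its own storage, for example `func zeroPCR() []byte { return make([]byte, 32) }` with entries written as `11: zeroPCR(),`, or else confirm that `copyPCRMap` (used in config.go, body not visible here) clones the byte slices and not only the map. `zero` is also a very generic name for a package-level variable in package config, and `qemuPCRs` is the only one of the three maps without a doc comment. Since the owner ID key is dropped from all three maps, a comment on the var block saying that the owner ID register is intentionally not part of the default measurements would spare readers the search.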